upcoming: [M3-9424] - Review nodebalancers validation schemas #11910
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
harsh-akamai
requested review from
cpathipa and
coliu-akamai
and removed request for
a team
…hub.com/harsh-akamai/manager into M3-9424-review-nb-vpc-validation-schema
| @@ -97,6 +97,7 @@ export const vpcsValidateIP = ({ | |||
| } | |||
|
|
|||
| if (isIPv6) { | |||
| // @todo update the IPv6 prefix if required for NB-VPC integration | |||
There was a problem hiding this comment.
Suggested change
| // @todo update the IPv6 prefix if required for NB-VPC integration | |
| // @TODO NB-VPC: update the IPv6 prefix if required for NB-VPC integration |
| ipv6_range: string() //TBD | ||
| .notRequired() | ||
| .nullable() | ||
| .matches(PRIVATE_IP_REGEX, 'Must be a valid private IPv6 address.') |
There was a problem hiding this comment.
IPv6 has a different format than IPv4, so an IPv6-specific regex will need to be used and we should revert the name change to the existing regex variable
| .required('Subnet ID is required.'), | ||
| ipv4_range: string() | ||
| .typeError('IPv4 address is required.') | ||
| .required('IPv4 address is required.') |
There was a problem hiding this comment.
Is this the case? I would imagine it could have either an IPv4 range or IPv6 range, or both, but not neither. Assuming what I described is accurate, we could use similar logic as what was done for createSubnetSchemaWithIPv6 in vpcs.schema.ts
There was a problem hiding this comment.
Sounds right. I've made changes to adapt to the logic present in createSubnetSchemaWithIPv6
|
Can we also get a |
…dpoints in /v4/nodebalancers (& /v4beta/nodebalancers) for NB-VPC Integration
dwiley-akamai
requested changes
Apr 4, 2025
|
|
||
| const PORT_WARNING = 'Port must be between 1 and 65535.'; | ||
| const LABEL_WARNING = 'Label must be between 3 and 32 characters.'; | ||
|
|
||
| export const PRIVATE_IPv4_REGEX = /^10\.|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-1]\.|^192\.168\.|^fd/; | ||
| export const PRIVATE_IPv6_REGEX = /^(fc|fd)\./; |
There was a problem hiding this comment.
I don't think this regex will match valid IPv6 addresses. We should test the regex expressions with a tool like regex101.com to ensure it works as intended. We'll also want it to account for the mask since it's an IPv6 range
There was a problem hiding this comment.
The sample IPv6 range fails the regex pattern:
It may be that a comprehensive regex for IPv6 may be challenging or too complex for our purposes, but if that is the case we should note in a comment that we're only testing the beginning letters of it rather than the entire IP.
There was a problem hiding this comment.
Noted. I've made changes to the regex and I've also added a comment. Thanks for catching this 🙌
| then: (schema) => | ||
| schema | ||
| .required(IP_EITHER_BOTH_NOT_NEITHER) | ||
| .matches(PRIVATE_IPv4_REGEX, 'Must be a valid private IPv4 address.') |
There was a problem hiding this comment.
let's store the 'Must be a valid private IPv4 address.' string in a constant since we use it several times
Comment on lines
264
to
332
| const createNodeBalancerVPCsSchema = object({ | ||
| subnet_id: number() | ||
| .typeError('Subnet ID must be a number.') | ||
| .required('Subnet ID is required.'), | ||
| ipv4_range: string().when('ipv6_range', { | ||
| is: (value: unknown) => | ||
| value === '' || value === null || value === undefined, | ||
| then: (schema) => | ||
| schema | ||
| .required(IP_EITHER_BOTH_NOT_NEITHER) | ||
| .matches(PRIVATE_IPv4_REGEX, 'Must be a valid private IPv4 address.') | ||
| .test({ | ||
| name: 'IPv4 CIDR format', | ||
| message: 'The IPv4 range must be in CIDR format.', | ||
| test: (value) => | ||
| vpcsValidateIP({ | ||
| value, | ||
| shouldHaveIPMask: true, | ||
| mustBeIPMask: false, | ||
| }), | ||
| }), | ||
| otherwise: (schema) => | ||
| lazy((value: string | undefined) => { | ||
| switch (typeof value) { | ||
| case 'undefined': | ||
| return schema.notRequired().nullable(); | ||
|
|
||
| case 'string': | ||
| return schema | ||
| .notRequired() | ||
| .matches( | ||
| PRIVATE_IPv4_REGEX, | ||
| 'Must be a valid private IPv4 address.' | ||
| ) | ||
| .test({ | ||
| name: 'IPv4 CIDR format', | ||
| message: 'The IPv4 range must be in CIDR format.', | ||
| test: (value) => | ||
| vpcsValidateIP({ | ||
| value, | ||
| shouldHaveIPMask: true, | ||
| mustBeIPMask: false, | ||
| }), | ||
| }); | ||
|
|
||
| default: | ||
| return schema.notRequired().nullable(); | ||
| } | ||
| }), | ||
| }), | ||
| ipv6_range: string().when('ipv6_range', { | ||
| is: (value: unknown) => | ||
| value === '' || value === null || value === undefined, | ||
| then: (schema) => | ||
| schema | ||
| .required(IP_EITHER_BOTH_NOT_NEITHER) | ||
| .matches(PRIVATE_IPv6_REGEX, 'Must be a valid private IPv6 address.') | ||
| .test({ | ||
| name: 'valid-ipv6-range', | ||
| message: 'Must be a valid IPv6 range, e.g. 2001:db8:abcd:0012::0/64.', | ||
| test: (value) => | ||
| vpcsValidateIP({ | ||
| value, | ||
| shouldHaveIPMask: true, | ||
| mustBeIPMask: false, | ||
| }), | ||
| }), | ||
| }), | ||
| }); |
There was a problem hiding this comment.
Right now, Cloud Manager doesn't load and we get the following console error:
Suggested change
| const createNodeBalancerVPCsSchema = object({ | |
| subnet_id: number() | |
| .typeError('Subnet ID must be a number.') | |
| .required('Subnet ID is required.'), | |
| ipv4_range: string().when('ipv6_range', { | |
| is: (value: unknown) => | |
| value === '' || value === null || value === undefined, | |
| then: (schema) => | |
| schema | |
| .required(IP_EITHER_BOTH_NOT_NEITHER) | |
| .matches(PRIVATE_IPv4_REGEX, 'Must be a valid private IPv4 address.') | |
| .test({ | |
| name: 'IPv4 CIDR format', | |
| message: 'The IPv4 range must be in CIDR format.', | |
| test: (value) => | |
| vpcsValidateIP({ | |
| value, | |
| shouldHaveIPMask: true, | |
| mustBeIPMask: false, | |
| }), | |
| }), | |
| otherwise: (schema) => | |
| lazy((value: string | undefined) => { | |
| switch (typeof value) { | |
| case 'undefined': | |
| return schema.notRequired().nullable(); | |
| case 'string': | |
| return schema | |
| .notRequired() | |
| .matches( | |
| PRIVATE_IPv4_REGEX, | |
| 'Must be a valid private IPv4 address.' | |
| ) | |
| .test({ | |
| name: 'IPv4 CIDR format', | |
| message: 'The IPv4 range must be in CIDR format.', | |
| test: (value) => | |
| vpcsValidateIP({ | |
| value, | |
| shouldHaveIPMask: true, | |
| mustBeIPMask: false, | |
| }), | |
| }); | |
| default: | |
| return schema.notRequired().nullable(); | |
| } | |
| }), | |
| }), | |
| ipv6_range: string().when('ipv6_range', { | |
| is: (value: unknown) => | |
| value === '' || value === null || value === undefined, | |
| then: (schema) => | |
| schema | |
| .required(IP_EITHER_BOTH_NOT_NEITHER) | |
| .matches(PRIVATE_IPv6_REGEX, 'Must be a valid private IPv6 address.') | |
| .test({ | |
| name: 'valid-ipv6-range', | |
| message: 'Must be a valid IPv6 range, e.g. 2001:db8:abcd:0012::0/64.', | |
| test: (value) => | |
| vpcsValidateIP({ | |
| value, | |
| shouldHaveIPMask: true, | |
| mustBeIPMask: false, | |
| }), | |
| }), | |
| }), | |
| }); | |
| const createNodeBalancerVPCsSchema = object().shape( | |
| { | |
| subnet_id: number() | |
| .typeError('Subnet ID must be a number.') | |
| .required('Subnet ID is required.'), | |
| ipv4_range: string().when('ipv6_range', { | |
| is: (value: unknown) => | |
| value === '' || value === null || value === undefined, | |
| then: (schema) => | |
| schema | |
| .required(IP_EITHER_BOTH_NOT_NEITHER) | |
| .matches(PRIVATE_IPv4_REGEX, 'Must be a valid private IPv4 address.') | |
| .test({ | |
| name: 'IPv4 CIDR format', | |
| message: 'The IPv4 range must be in CIDR format.', | |
| test: (value) => | |
| vpcsValidateIP({ | |
| value, | |
| shouldHaveIPMask: true, | |
| mustBeIPMask: false, | |
| }), | |
| }), | |
| otherwise: (schema) => | |
| lazy((value: string | undefined) => { | |
| switch (typeof value) { | |
| case 'undefined': | |
| return schema.notRequired().nullable(); | |
| case 'string': | |
| return schema | |
| .notRequired() | |
| .matches( | |
| PRIVATE_IPv4_REGEX, | |
| 'Must be a valid private IPv4 address.' | |
| ) | |
| .test({ | |
| name: 'IPv4 CIDR format', | |
| message: 'The IPv4 range must be in CIDR format.', | |
| test: (value) => | |
| vpcsValidateIP({ | |
| value, | |
| shouldHaveIPMask: true, | |
| mustBeIPMask: false, | |
| }), | |
| }); | |
| default: | |
| return schema.notRequired().nullable(); | |
| } | |
| }), | |
| }), | |
| ipv6_range: string().when('ipv4_range', { | |
| is: (value: unknown) => | |
| value === '' || value === null || value === undefined, | |
| then: (schema) => | |
| schema | |
| .required(IP_EITHER_BOTH_NOT_NEITHER) | |
| .matches(PRIVATE_IPv6_REGEX, 'Must be a valid private IPv6 address.') | |
| .test({ | |
| name: 'valid-ipv6-range', | |
| message: | |
| 'Must be a valid IPv6 range, e.g. 2001:db8:abcd:0012::0/64.', | |
| test: (value) => | |
| vpcsValidateIP({ | |
| value, | |
| shouldHaveIPMask: true, | |
| mustBeIPMask: false, | |
| }), | |
| }), | |
| }), | |
| }, | |
| [ | |
| ['ipv4_range', 'ipv6_range'], | |
| ['ipv6_range', 'ipv4_range'], | |
| ] | |
| ); |
The array at the end prevents the cyclic dependency error.
github-project-automation
bot
moved this from Review
to Changes Requested
in Cloud Manager
cpathipa
reviewed
Apr 10, 2025
| @@ -1,9 +1,12 @@ | |||
| import { array, boolean, mixed, number, object, string } from 'yup'; | |||
| import { array, boolean, lazy, mixed, number, object, string } from 'yup'; | |||
There was a problem hiding this comment.
@harsh-akamai Can you look into this ESLint warnings.
harsh-akamai
requested review from
dmcintyr-akamai
and removed request for
a team
harsh-akamai
force-pushed
the
M3-9424-review-nb-vpc-validation-schema
branch
from
211feb4 to
291f89d
Compare
…424-review-nb-vpc-validation-schema
| .test( | ||
| 'unique subnet IDs', | ||
| 'Subnet IDs must be unique.', | ||
| function (value?: any[] | null) { |
There was a problem hiding this comment.
No need to include a type annotation as yup will infer one for you!
Suggested change
| function (value?: any[] | null) { | |
| function (value) { |
dwiley-akamai
approved these changes
Apr 23, 2025
| .matches(PRIVATE_IPV4_REGEX, PRIVATE_IPV4_WARNING), | ||
|
|
||
| subnet_id: number().when('vpcs', { | ||
| is: (vpcs: typeof createNodeBalancerVPCsSchema) => vpcs !== undefined, |
There was a problem hiding this comment.
Do we need this to be:
Suggested change
| is: (vpcs: typeof createNodeBalancerVPCsSchema) => vpcs !== undefined, | |
| is: (vpcs: typeof createNodeBalancerVPCsSchema[]) => vpcs !== undefined, |
since the vpcs field is an array?
There was a problem hiding this comment.
Oops! Missed this. Thanks!
hkhalil-akamai
approved these changes
Apr 24, 2025
github-project-automation
bot
moved this from Changes Requested
to Approved
in Cloud Manager
…424-review-nb-vpc-validation-schema
Cloud Manager UI test results🎉 567 passing tests on test run #13 ↗︎
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description 📝
Update validation schemas for the changes in POST endpoints in /v4/nodebalancers (& /v4beta/nodebalancers) for NB-VPC Integration
How to test 🧪
Verification steps
Author Checklists
As an Author, to speed up the review process, I considered 🤔
👀 Doing a self review
❔ Our contribution guidelines
🤏 Splitting feature into small PRs
➕ Adding a changeset
🧪 Providing/improving test coverage
🔐 Removing all sensitive information from the code and PR description
🚩 Using a feature flag to protect the release
👣 Providing comprehensive reproduction steps
📑 Providing or updating our documentation
🕛 Scheduling a pair reviewing session
📱 Providing mobile support
♿ Providing accessibility support
As an Author, before moving this PR from Draft to Open, I confirmed ✅